If this is your first visit, be sure to
check out the Forum Rules by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Ideally the solutions portion would provide information for multiple OS's, and the exploits column would list which systems were vulnerable

Usually I already know how to lock something down, but periodically I run into something that worked to gain access to a system and when I am writing the report I have to scratch my head for a bit and do a lot of research to figure out how I could lock it down. It would also be helpful when writing standard build documents to be able to identify plausible threats within your environment.

Tall order, tex

Well, thats a semi-tall order. Theres no magical diagram out there right now. Closest thing I could point you to would be bugtraq
(http://www.securityfocus.com/bid).

As far as other things like this attack is mitigated by that....due to the open ended nature of pretty much anything being fair game to being a victim of being exploited that too might not be around.

Do you do risk assessments for management or something? Whats your target audience because it sounds like management in which case you only need the internet cloud with a line to the bad hacker computer and the line to your network. Save you some time.

Oh and if you are in the "paper, pencil pusher" section of a security department please dont use mitagatory ever again. Ever.

I'm an Incident Handler/Auditor/Disaster Preparedness and Testing guy/First Responder (ICS)/Security Admin (firewalls, av server, etc) and all around consultant on all things IT and/or Security for the 11 IT Directors in my 10 county region for a rather largish state agency. So no, I'm not just a paper pusher, but I do write my share of reports; risk assessments/IT audits, technology implementation review documentation, governance reporting, disaster recovery testing reports, incident reports, etc and do some independent testing on the side.

I am familiar with Bugtraq and realize that there are always multiple ways to skin a cat, but I was hoping there was possibly a resource out there I had missed somewhere.

The target audience is management for the business unit being audited, however our reports usually wind up being a guidance documentation for the tech folks so we have the management summary up front with all the pretty pictures, and the technical stuff in the back with the legislative appendices, where nobody ever looks.

I recommend taking a look at the CBT Nugget course regarding Ethical Hacking (see Penetration Testers documentation). That will shed a lot of light on how to reproduce the necessary information on a level that your audience with both understand and appreciate. There's nothing like telling a manager his employees are SSH-tunneling from the internal network to their box at home and bypassing their newly instated universal password system with XSS attacks and intuitive SQL injection techniques, only to have him/her keel over from a massive brain hemorrhage. Now, you and I might understand all of that, but you do want to provide the attack/remediation information on a semi-dumbed down level, while still retaining the professional presentation that will keep you in that manager's fancy rolodex for future reference/work.

Just my 0.02p

"The goal of every man should be to continue living even after he can no longer draw breath." ~ShadowKill